An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality.
References
Link | Resource |
---|---|
https://tenable.com/security/research/tra-2024-33 |
Configurations
History
04 Sep 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
30 Aug 2024, 13:53
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
CPE | cpe:2.3:a:flowiseai:flowise:1.8.2:*:*:*:*:*:*:* | |
CWE | CWE-287 | |
First Time |
Flowiseai flowise
Flowiseai |
|
References | () https://tenable.com/security/research/tra-2024-22-0 - Third Party Advisory |
27 Aug 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-27 13:15
Updated : 2024-09-06 15:35
NVD link : CVE-2024-8181
Mitre link : CVE-2024-8181
CVE.ORG link : CVE-2024-8181
JSON object : View
Products Affected
flowiseai
- flowise
CWE
CWE-287
Improper Authentication